Skip to main content

IoT & privacy Short

Center for Policy on Emerging Technologies
The Internet of Things: Roundtable with FTC Commissioner Brill
Washington, DC; February 26, 2014

The Internet of Things: Building Trust to Maximize Consumer Benefits

感谢主持人+感谢邀请

Thank you, Nigel, for that kind introduction, and thank you to the Center for inviting me to speak this afternoon. It is a pleasure to discuss the benefits and the consumer protection challenges of the Internet of Things (物联网) with all of you. 

很高兴和大家来探讨物联网能够带来哪些益处和挑战/很高兴从效益和消费者的挑战的角度来谈谈...

Scientists, entrepreneurs, academics, and policy makers see the potential for this vast expansion in the data available about us  (has the potential) to solve important social challenges,(有望帮助我们解决一些社会挑战) from reducing the amount of gas we waste sitting in traffic jams and more efficiently managing our energy consumption, to achieving breakthroughs in healthcare. The potential benefits that these kinds of discoveries can bring to society are enormous and exciting. 

But consumers, policy makers, and academics also see risks to consumers in these vast storehouses of data. The Internet of Things shows how deeply personal information will be abundant and easily available. Connected devices will offer a detailed view into where we are, what’s happening in our homes, and what our children are doing. The very nature of these devices marks a major shift for consumers, who until now have had a handful of devices that mainly serve to connect them to the Internet. Going forward, consumers will have a multitude of devices that could generate data that is accurate, abundant, and sensitive – and, if combined with other online and offline data, could have the potential to create alarmingly personal consumer profiles. 

One of the most troubling risks coming from the collection and use of big data is its use in making sensitive predictions about consumers, such as those involving their sexual orientation, health conditions, religion, and race. A well-known, even infamous, example is Target’s so-called “pregnancy prediction” score. As everyone in this room probably knows by now, using retail transaction data, Target was able to calculate, not only whether a consumer was pregnant, but also when her baby was due. It used the information to win the expectant mom’s loyalty by offering coupons tailored to her stage of pregnancy.

And data brokers (数据中介) – entities that most folks know nothing about because they are not consumer-facing – are going far beyond this in the profiles that they develop from vast amounts of online and offline data. A recent GAO (美国政府问责局) report states that at least one data broker includes in its profiles about consumers information about 28 or more specific diseases, including cancer, diabetes, and clinical depression problems. According to a Senate staff report released last December, another data broker keeps 75,000 data elements about consumers in its system, including the use of yeast infection products, laxatives, and OB/GYN services, among other health-related data. And we recently read reports about another company that analyzes innocuous data from social media and the like to predict disease conditions like diabetes, obesity, and arthritis in order to persuade particular consumers to join medical trials. All of this creation, collection and use of health information is happening outside any regulatory scheme to protect this information. 

It’s not hard to imagine the devices that I mentioned earlier, or their close cousins, feeding data into this system. Location, lifestyle, and all kinds of consumption habits could easily become available to data brokers and other analysts. Their inferences could soon be enriched by hard data from smart devices – before consumers even know that their devices are connected to the Internet. 

There are two main reasons to be concerned about the vast amounts of personal data coming from the Internet of Things. First, we should all be concerned about the use of deeply sensitive personal information to make decisions about consumers, outside a legal regime that would provide notice and an opportunity to challenge the accuracy of the data. We will pay a price if data is inaccurate, misused, or through a security breach falls into the wrong hands. And we will pay a price in a lost sense of autonomy in a society in which information about some of the most sensitive aspects of our lives is available for analysts to examine without our knowledge or consent, and for anyone to buy if they are willing to pay the going price.

Second, we should all be concerned that questions about privacy will keep consumers away from the Internet of Things because they do not trust it. Some argue that companies so clearly see the need to keep consumers’ trust that they will play it safe with consumer data coming from the Internet of Things by offering strong privacy protections. During our ongoing national discussion about NSA (美国国家安全局) surveillance, national security, and privacy, the President and other leaders at the highest levels of government, as well as leaders within the business community, have recognized that the trust of individuals is essential to the success of programs and services built on big data analytics. But, as we’ve seen from the Internet of PCs, cell phones and tablets, pressures within an industry can encourage companies to collect and share more and more personal information while weakening privacy safeguards. 

We should address these privacy concerns now, while we are still somewhat early in the development of the Internet of Things. And part of this process requires us to think about the roles that consumer-facing companies as well as non-consumer facing companies might play.

 

Back to top